Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

Zeljka Zorz

Magento
Magento plugs XSS holes that can lead to e-store hijacking, patch immediately!

Last week, Magento released a very important bundle of patches for their eponymous e-commerce platform that should be implemented as soon as possible. The bundle plugs a …

labyrinth
“Deliberately hidden” backdoor found on US government’s comms system

Researchers from Austrian infosec outfit SEC Consult have unearthed what they dubbed a “deliberately hidden backdoor account” in NX-1200, a network controller …

abstract
Unknown attackers are infecting home routers via dating sites

Damballa researchers have spotted an active campaign aimed at infecting as many home routers possible with a worm. A variant of the TheMoon worm, it works by taking advantage …

airplane
Cyber fraudsters steal over $50 million from airplane systems manufacturer

Austrian company FACC, which develops and produces components and systems made of composite materials for aircraft and aircraft engine manufacturers such as Boeing and Airbus, …

Facebook scam
Fake Facebook emails deliver malware masquerading as audio message

A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both …

Windows
Old, unpatched flaws exploited to achieve control of Windows systems, networks

Foxglove Security researcher Stephen Breen has demonstrated that you don’t need to exploit a 0-day or even a recently discovered vulnerability to gain the highest level …

Symantec scam
Authorized Symantec reseller scams users into buying security software

Malwarebytes researchers have discovered a new tech support scam that, unlike most, is being perpetrated by an active member of the Symantec Partner Program. Users are being …

Tux
0-day in Linux kernel endangers Linux servers, Android devices

A serious and pretty longstanding flaw in the Linux kernel has been recently discovered by researchers from infosec outfit Perception Point. The vulnerability (CVE-2016-0728) …

Apple
Apple kills 28 flaws in OS X, iOS and QuickTime

If you use Apple’s OS X El Capitan, iOS and QuickTime on any of your computers and devices, you might want to implement the latest updates pushed out on Tuesday. OS X El …

Intel CPU
Intel patches MiTM flaw in its Driver Update Utility

Intel has fixed a remotely exploitable vulnerability (CVE-2016-1493) in the Intel Driver Update Utility which could be used by a man-in-the-middle attacker to corrupt …

linux tux
New Linux Trojan performs system reconnaissance

A new Linux threat has been identified by Dr. Web researchers. Dubbed Linux.Ekoms.1, this Trojan’s apparent function is to discover details about the system it has …

Steam
Malicious Chrome extensions ransack Steam users’ inventory

Steam users are being targeted by a scammer that’s offering apparently helpful Chrome extensions for free, but is actually using them to steal items from victims’ …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools